← voltar
CVE-2007-0556

CVE-2007-0556

EPSS 2.9%
The query planner in PostgreSQL before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 does not verify that a table is compatible with a "previously made query plan," which allows remote authenticated users to cause a denial of service (server crash) and possibly access database content via an "ALTER COLUMN TYPE" SQL statement, which can be leveraged to read arbitrary memory from the server.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://fedoranews.org/cms/node/2554http://lists.rpath.com/pipermail/security-announce/2007-February/000141.htmlhttp://osvdb.org/33302http://secunia.com/advisories/24028http://secunia.com/advisories/24033http://secunia.com/advisories/24042http://secunia.com/advisories/24050http://secunia.com/advisories/24057http://secunia.com/advisories/24151http://secunia.com/advisories/24315http://secunia.com/advisories/24513http://secunia.com/advisories/24577